Off-line reset and timestamp

Question

Hi. 
 When a user performs an off-line password reset and a couple of days later the user connects the computer to the domain - what timestamp will be used for the password change? 
 
 Kind regards, 
 Ingvar

Jim.Casey · Accepted Answer

Hi Ingvar, 
 
No. They do not need to reset their password again after re-connecting to the AD domain. 
When the user enters the challenge code on the PM portal they must also reset their password in AD. 
They then enter the response code and the same password into the offline computer. 
When the offline computer is reconnected to the domain the passwords are the same but the timestamp on the computer is sync’d with the timestamp in AD. 
They do not have to reset the password again. 
 
For full details on each of the process steps please see 
 support.quest.com/.../30 
And scroll down to “Allow users to reset passwords offline” 
 
Hope this helps. 
 
Regards, 
 
Jim C.

Aidar.Karabalaev · Answer

My impression was for *Offline password reset* steps: 
1. internet. user logins to http://PM/PMUser | chose option 'Offline password reset' | answers Q/A | resets new password (call to AD/pwdLastSet timestamp set) and gets issued rabdomaly generated PC token=F(PC$ client ID). 
2. PC$ offline. user logins into PC$: Windows Logon Screen | Option PM Offline Reset | input (PC token + new password): user logs into PC$ and password hash is rest to the new one 
3. PC$ in corp network (VPN, or in the office): user logs in with AD authentication, triggers PC$ local password hash to be reset and synced. 
Again (1) will do the pwdLastSet.